Sha256: 9d00de4b116b0aa55417dbcfb9cfc9eb6841b6285492287d9b5bb852076061de

Contents?: true

Size: 895 Bytes

Versions: 4

Compression:

Stored size: 895 Bytes

Contents

# 1.5.0

## Highlights

### OAuth DPoP Support

`rodauth-oauth` supports Demonstrating Proof-of-Possession at the Application Layer (also known as DPoP), via the `oauth_dpop` feature. This provides a mechanism to bind access tokens to a particular client based on public key cryptography.

More info about the feature [in the docs](https://gitlab.com/os85/rodauth-oauth/-/wikis/DPoP).

## Improvements

All features managing cookies are now able to set configure them as "session cookies" (i.e. removed on browser shutdown) by setting the expiration interval auth method to `nil`. This ncludes:

* `oauth_prompt_login_interval` (from the `oidc` feature)
* `oauth_oidc_user_agent_state_cookie_expires_in` (from the `oidc_session_management` feature)

## Bugfixes

* when using the `oauth_token_instrospection` feature, the `token_type` has been fixed to show "Bearer" (instead of "access_token").

Version data entries

4 entries across 4 versions & 1 rubygems

Version Path
rodauth-oauth-1.6.3 doc/release_notes/1_5_0.md
rodauth-oauth-1.6.2 doc/release_notes/1_5_0.md
rodauth-oauth-1.6.0 doc/release_notes/1_5_0.md
rodauth-oauth-1.5.0 doc/release_notes/1_5_0.md